0 
  //index.php
  <?php
    session_start();
    if(!isset($_SESSION["member"])){
        header("location:admin_login.php");
        exit();
    }

    $managerID = preg_replace('#[^0-9]#i',"",$_SESSION["id"]);
    $manager = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["name"]);
    $password = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["password"]);


    include "../storescripts/connect_to_mysql.php";
    $sql = mysql_query("SELECT * FROM admin WHERE id ='managerID' AND username ='$manager' AND password ='$password'LIMIT 1");
    $exist_count = mysql_num_rows($sql);
    if($exist_count == 0){
        echo("Your login session data in not in the database");
        exit();
    }



    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <html >
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Service Admin Area</title>
    <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
    </head>

    <body>
    <div  id="mainWrapper" > 
        <?php include_once("../template_header.php");?>
        <div id="pageContent" > 
        <div align="left" "style="margin-left:040px;"><h1>Hello Store Manager .What would you loke to do today</h1><br />
        <h3><a href="inventory_list.php">Manage Inventory</a></h3><br/><h3><a href="">Manage Me</a></h3><br/></div></div>
        <?php include_once("../template_header.php");?>
    </div>
    </body>
    </html>

//admin_login.php
<?php
session_start();
if(isset($_SESSION["member"])){
    header("location:index.php");
    exit();
}


$manager = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["username"]);
$password = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["password"]);


include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE username ='$manager' AND password ='$password'LIMIT 1");
$exist_count = mysql_num_rows($sql);
if($exist_count == 1){
    while(mysql_fetch_array($sql)){
        $id = $row["id"];
        }

    $_SESSION["id"]= $id;
    $_SESSION["name"]= $manager;
    $_SESSION["password"]= $password;
    header("location:index.php");
    exit();

    }
    else{
    echo 'This information is incorrect,try again <a href = "index.php">Click Here</a>';
    exit();
    }




?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title> AdminLogin</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
</head>

<body>
<div  id="mainWrapper" > 
    <?php include_once("../template_header.php");?>
    <div id="pageContent" > 
    <div align="left" "style="margin-left:040px;"><h1>Please login to continue</h1><br />
    </div>
    <form id="form1" name="form1" method="post" action=" admin_login.php"> 
    UserName<br />
    <input type="text" name="username" id="username" size="40"/>
    Password<br />
    <input type="password" name="password" id="password" size="40"/> 
    <br />
    <br />
    <br /> 
    <input type="submit" name="button" id="button" value="LogIn"/>  
    </form>
    </div>
    <?php include_once("../template_header.php");?>
</div>
</body>
</html>

这越来越烦人了,我不能得到错误,而且我知道它很小,真的希望我能在你们中间纠正错误。上面两个 php 页面是为了在我的练习 web 文档中制作管理员登录页面。

4

1 回答 1

1

$_SESSION['name']在一个脚本和$_SESSION['username']另一个脚本中使用。

我想如果你改变usernamename反之亦然,错误就会消失。

我不确定密码的错误是什么,我的直觉是你看到它是因为会话才刚刚开始并且 $_SESSION 数组是空的,尝试丢弃一些 if(isset($_SESSION['.. 。'])) 大约。

在 admin_login 中,您应该检查登录按钮是否已被单击,并且您不只是加载表单,即

//admin_login.php
<?php
session_start();
if(isset($_SESSION["member"])){
    header("location:index.php");
    exit();
}

if(@$_POST['button'] == 'LogIn'){     // <-  Check the user has clicked the button
  $manager = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["username"]);
  $password = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["password"]);


  include "../storescripts/connect_to_mysql.php";
  $sql = mysql_query("SELECT * FROM admin WHERE username ='$manager' AND password ='$password'LIMIT 1");
  $exist_count = mysql_num_rows($sql);
  if($exist_count == 1){
      while(mysql_fetch_array($sql)){
          $id = $row["id"];
      }

      $_SESSION["id"]= $id;
      $_SESSION["name"]= $manager;
      $_SESSION["password"]= $password;
      header("location:index.php");
      exit();

    }else{
      echo 'This information is incorrect,try again <a href = "index.php">Click Here</a>';
      exit();
    }

}


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
....

其他一些需要注意的事项:

  • 您在登录表单中有两个<html>标签
  • 登录表单的 action 属性在脚本名称前有一个空格
  • 如果您在 SQL 中使用 LIMIT 1 ,则无需mysql_fetch_arraywhile()
于 2012-06-27T10:58:49.140 回答